You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have some containers that have a frontend and backend network defined. Currently, if I perform a name resolution on those containers I am receiving both addresses.
We should consider a config.json option that excludes specifically labeled OR named networks from being advertised over DNS.
For arguments sake, we'll consider the containers db, redis, and app as created by the following docker-compose file:
Right now, we only inspect containers, and doing something based on network labels would require us to perform an additional Docker API request for each attached network of the requested container, which I'm not a big fan of.
Also, the more I use the JSON configuration file, the less I like it, and I definitely don't think we want to add more bespoke one-off configuration items, so I'm wondering if maybe we could do something more "generic" with text/template to allow for a more generic mini-expression like {{ if (eq .Name "backend") }}true{{ end }} so that users can build up some of their own logic (maybe with helper functions defined for things like CIDR comparisons?).
Also, I went to a talk about CoreDNS back at KubeCon last November, and it's flexible enough that I've considered whether rawdns actually makes sense to continue doing things with, given that I think it could be implemented much more flexibly using CoreDNS (although with the caveat that I haven't actually tried writing anything with/for it yet). I mean, if it's working for the complex needs of Kubernetes itself, maybe it isn't worth maintaining my own DNS server anymore? 😅
I have some containers that have a
frontend
andbackend
network defined. Currently, if I perform a name resolution on those containers I am receiving both addresses.We should consider a
config.json
option that excludes specifically labeled OR named networks from being advertised over DNS.For arguments sake, we'll consider the containers
db
,redis
, andapp
as created by the followingdocker-compose
file:If we
dig <rawdns_container> app.tld
then I should only receive thefrontend
IP address.We can achieve this through some configuration option like:
The way you would read this is:
DO_NOT_RESOLVE
, then don't return IPs with that networkbackend
, then don't return IPs associated with that networkSo if I try a
dig <rawdns_container> app.tld
then I would only receive thefrontend
IP.The text was updated successfully, but these errors were encountered: